package com.storlead.shiro.config;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.storlead.shiro.model.UserInfo;
import com.storlead.shiro.service.UserInfoService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/**
 * @Author: Timo
 * @Date: 2019/2/13 14:10
 * @Description: 类用途：
 */
@Slf4j
@Component
public class MyRealm extends AuthorizingRealm {

    private static final String USER_INFO = "USER_INFO";
    /*private static Set<String> roleSet = new HashSet<>();

    static {
        roleSet.add("/user/get");
        roleSet.add("/user/test");
        roleSet.add("/user/add");
        roleSet.add("/user/update");
        roleSet.add("/user/del");
        roleSet.add("/static/js");
        roleSet.add("/static/css");
    }
*/

    @Resource
    private UserInfoService userInfoService;

    /**
     * 授权
     *
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        log.info("给用户授权-》MyRealm.doGetAuthorizationInfo");
        Session session = SecurityUtils.getSubject().getSession();
        UserInfo userInfo = (UserInfo) session.getAttribute(USER_INFO);
        log.info(JSON.toJSONString(userInfo));

        // 授权
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addStringPermissions(getUserRole(userInfo.getUserName()));

        return authorizationInfo;
    }

    /**
     * 认证
     *
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        log.info("对用户进行认证-》MyRealm.doGetAuthenticationInfo");
        // 获取用户登陆的用户名和密码
        String loginName = (String) token.getPrincipal();
        String password = new String((char[]) token.getCredentials());
        log.info("userName : {},  password : {}", loginName, password);

        // 判断用户是否存在
        UserInfo userInfo = userInfoService.findUser(loginName);
        if (userInfo == null) {
            throw new UnknownAccountException("账号或者密码错误");
        }

        // 将用户的信息放入session缓存起来
        SecurityUtils.getSubject().getSession().setAttribute(USER_INFO, userInfo);

        //SimpleAuthenticationInfo
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(userInfo.getUserName(), userInfo.getPassword(), getName());
        return simpleAuthenticationInfo;
    }


    private Set<String> getUserRole(String userName){
        Set<String> roleSet = new HashSet<>();
        roleSet.add("/static/js");
        roleSet.add("/static/css");

        if ("bingo".equals(userName)){
            roleSet.add("user:get");
            roleSet.add("user:test");
            roleSet.add("user:add");
        }else {
            roleSet.add("user:get");
            roleSet.add("user:update");
            roleSet.add("user:del");

        }
        return roleSet;
    }


}
